<?php
	session_start();
	if(!isset($_POST["us"]))
	{
		header("location:index.php?act=6");
	}
	$us = $_POST["us"];
	$ps = $_POST["ps"];
	
	include("../code/DataProvider.php");
	$sql = "SELECT * FROM nguoidung WHERE tendangnhap = '".$us."' AND matkhau = '".$ps."' AND BiXoa = 0";
	$result = DataProvider::ExecuteQuery($sql);
	$row = mysql_fetch_array($result);
	if($row != null)
	{
		$_SESSION["manguoidung"] = $row["manguoidung"];
		$_SESSION["tennguoidung"] = $row["tenguoidung"];
		$_SESSION["loainguoidung"] = $row["maloainguoidung"];
		
		$url = $_SESSION["urlHienTai"];
		header("location:".$url);
	}
	else
		header("location:../index.php?act=6");
?>